Crypto phishing group Angel Drainer siphons $403K through a deceptive smart contract

In this post:

  • Etherscan verification is exploited to cloak malicious smart contracts.
  • The attack underscores the evolving tactics of crypto phishing groups.
  • Vigilance urged as Safe users remain potential targets.

In a recent attack, the notorious phishing group Angel Drainer managed to pilfer over $400,000 from 128 crypto wallets. Employing a new tactic, the group deployed a malicious Safe vault contract, exploiting Etherscan’s verification tool to cloak the contract’s nefarious nature. Blockchain security firm Blockaid has shed light on the incident, revealing the intricacies of the attack and its ramifications.

Angel Drainer’s deceptive tactics net $403K in crypto attack

Angel Drainer initiated their assault by deploying a malicious Safe Vault contract. This move swiftly ensnared 128 unsuspecting users who unwittingly signed a “Permit2” transaction, leading to the expropriation of $403,000 in funds. 

Blockaid, in a post to X on February 13th, delineated the mechanics of the attack, highlighting the utilization of Etherscan’s verification tool to lend an aura of legitimacy to the fraudulent contract.

The sophistication of Angel Drainer’s ploy lay in its exploitation of Etherscan’s verification tool. By leveraging this feature, the group managed to provide victims with a false sense of security, masking the malicious intent behind the Safe Vault contract. 

Etherscan’s automatic addition of a verification flag to legitimate contracts inadvertently facilitated the success of the phishing endeavor, amplifying the impact of the attack.
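Because an explorer's verification flag says nothing about who ends up with spending rights, a wallet-side check can look at the Permit2 signing request itself. The following is an added example, not code from Blockaid, Safe or Etherscan: it assumes the EIP-712 field layout and canonical address of Uniswap's Permit2 contract, and the function name, the 30-day policy, the allowlist and the sample request are hypothetical or constructed.

```javascript
// Added example: triage an EIP-712 Permit2 allowance request before signing.
// Assumption: canonical Uniswap Permit2 address (not stated in the article).
const PERMIT2 = "0x000000000022d473030f116ddee9f6b43ac78ba3";
const MAX_UINT160 = (1n << 160n) - 1n;      // Permit2 allowance amounts are uint160
const MAX_LIFETIME_SEC = 30 * 24 * 3600;    // assumed local policy, not a standard

// Hypothetical helper: returns a list of findings; an empty list means no flags.
// trustedSpenders is a Set of lowercase addresses the user has chosen to trust.
function reviewPermit2Request(typedData, trustedSpenders, nowSec) {
  const { domain = {}, primaryType, message = {} } = typedData;
  if (String(domain.verifyingContract).toLowerCase() !== PERMIT2) return [];
  if (primaryType !== "PermitSingle" && primaryType !== "PermitBatch") return [];

  const findings = [];
  // The spender is the party that receives spending rights. Trust must come
  // from the user's own allowlist, not from an explorer's "verified" flag.
  const spender = String(message.spender).toLowerCase();
  if (!trustedSpenders.has(spender)) findings.push(`untrusted-spender:${spender}`);

  // PermitSingle carries one details object, PermitBatch an array of them.
  const details = Array.isArray(message.details) ? message.details : [message.details];
  for (const d of details) {
    if (BigInt(d.amount) >= MAX_UINT160) findings.push(`unlimited-amount:${d.token}`);
    if (Number(d.expiration) - nowSec > MAX_LIFETIME_SEC) {
      findings.push(`long-expiration:${d.token}`);
    }
  }
  return findings;
}

// Constructed sample request (addresses and timestamps are made up).
const SAMPLE_NOW = 1707782400;
const sampleRequest = {
  domain: { name: "Permit2", chainId: 1, verifyingContract: PERMIT2 },
  primaryType: "PermitSingle",
  message: {
    details: {
      token: "0x2222222222222222222222222222222222222222",
      amount: MAX_UINT160.toString(),
      expiration: SAMPLE_NOW + 365 * 24 * 3600,
      nonce: 0,
    },
    spender: "0x1111111111111111111111111111111111111111",
    sigDeadline: SAMPLE_NOW + 1800,
  },
};

console.log(reviewPermit2Request(sampleRequest, new Set(), SAMPLE_NOW));
```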

Minimal impact on the Safe user base

Blockaid emphasized that the attack was not a direct assault on Safe users. Instead, Angel Drainer opted to employ the Safe Vault contract due to Etherscan’s verification flag feature, which could deceive users into believing in the contract’s legitimacy. 

Despite the sizable sum pilfered and the sophisticated nature of the attack, Safe’s user base has not been broadly affected. Blockaid has promptly notified Safe of the breach and is actively collaborating to mitigate further damage.
